/** @return null if auth failed, user otherwise */
public User authenticate(final String login, final String password, final boolean rememberMe) {
final Query query = query("select u from UserImpl u where u.name=:user_login");
query.setParameter("user_login", login);
try {
final UserImpl user = (UserImpl) query.getSingleResult();
if (rememberMe && user.getRememberToken() == null) {
final String token = generateToken();
user.setRememberToken(token);
entityManager.merge(user);
}
return user.checkPassword(password) ? user : null;
} catch (NoResultException e) {
return null;
}
}
public void forgetMe(final User user) {
((UserImpl) user).setRememberToken(null);
entityManager.merge(user);
}